Biometric authentication is generally regarded as being more secure, and also more user-friendly, than conventional forms of authentication. Examples of biometric authentication include the use of fingerprints, voice patterns, retinal patterns, and/or other physiological characteristics of a user to uniquely identify that user.
Typically, when the user wishes to access a protected application (e.g., secure building, secure area within a building, secure computer, secure software application, etc.), the user is asked to provide a substantially real-time sample of the biometric characteristic. For example, he might place his finger in a fingerprint scanner, speak a voice sample into a microphone, peer into a retinal scanner, etc. The real-time sample is captured electronically (typically digitally), and compared to a stored sample. If the captured sample matches the stored sample, the user is given access.
Biometric authentication relies on “something the user is” and, therefore, is more secure than conventional authentication which relies on “what the user has” (e.g., a password, a private key, etc.). Something the user inherently “is” is not easily stolen, in contrast to a user-held quantity that the user “has.” Biometric authentication is also more user-friendly because the user need not carry around (or otherwise maintain access to) an external authentication datum.
However, biometric authentication is not infrastructure-friendly, because of the relative scarcity of biometric scanners. This scarcity, in turn, reflects the fact that biometric data acquisition is much more expensive than conventional authentication. For example, a fingerprint- or retinal-based biometric scanner requires optics (to visualize the biometric data), image acquisition hardware/software (to capture the data), digital processing software (to transform the data to a standard format at an acceptable quality level), and a moderately high bandwidth connection to a computer (to transmit the data for authentication). In contrast, in a conventional authentication scheme, a simple pop-up field in a web browser is sufficient to capture the password or other alphanumeric datum. The expense and complexity of biometric scanners is a significant reason why biometric authentication has to date only been widely deployed in ultra high security environments (e.g., nuclear power plants, defense facilities, bioresearch labs, etc.) but not in home, office, bank and other everyday commercial environments. Of course, cost reduction would also increase the availability of biometric authentication for ultra high security environments as well.
At the same time, the consumer electronics industry has been steadily driving down the price point, or at least providing increased functionality per unit price, of (still and video) digital cameras and other digital data acquisition devices. Many such devices in common use in home and business environments now contain sufficiently high quality optical and/or sound capture, data acquisition, data processing, and interface capabilities to serve as platforms for biometric data acquisition.
Thus, it would be desirable to have devices and processes to convert commercially available digital imaging devices into biometric scanners.